Create: CozyDuke
POST https://{{CTIA_host}}/ctia/casebook?size=100
Request Params
| Key | Datatype | Required | Description |
|---|---|---|---|
size | number |
Request Body
{"description"=>"**Notes for my API generated Casebook**\n- [x] Generate a SecureX OAUTH Token\n- [x] Store the Token to be used for several API calls\n- [x] The Post requests includes a JSON formatted body including all casebok information\n- [ ] Review the Response provided\n- [ ] Response is JSON formatted\n\n***\n\n\n**Other Notes when using the API to manage the**\n- CTIA API documentation: https://private.intel.amp.cisco.com/index.html#/\n\n", "schema_version"=>"1.1.3", "observables"=>[{"value"=>"b86923a9d13d2e4c07bef3c15b940c17af3318b52f2edb598b66c2ea640eefd9", "type"=>"sha256"}, {"value"=>"f8f1c210a8c863efc0f6b8ac3553030a14a702ce8cf573cb5e9cd58f70c7c622", "type"=>"sha256"}, {"value"=>"6c8eea3ba31463a04d041f4c9ff50b50d9b5945d3306fee35fb4b5bfd292692b", "type"=>"sha256"}, {"value"=>"41270685a7496961e625773bcfe1ac50727847c66de69a9b2a2bf34699c30f54", "type"=>"sha256"}, {"value"=>"loki\\carl", "type"=>"user"}, {"value"=>"examplemalwaredomain.com", "type"=>"domain"}, {"value"=>"http://146.112.62.39", "type"=>"url"}, {"value"=>"146.112.62.39", "type"=>"ip"}, {"value"=>"mim.exe", "type"=>"file_name"}, {"value"=>"c:\\windows\\system32\\netsh.exe", "type"=>"file_path"}, {"value"=>"administrator", "type"=>"user"}, {"value"=>"carl.minion@acme.demo", "type"=>"email"}, {"value"=>"http://10.10.10.200:8000/bin/Installer.msi", "type"=>"url"}, {"value"=>"10.10.10.200", "type"=>"ip"}, {"value"=>"4a71abed8003ed6e38998be7324f3d87", "type"=>"md5"}, {"value"=>"python.exe", "type"=>"file_name"}, {"value"=>"msiexec.exe", "type"=>"file_name"}, {"value"=>"a979a84649b0e0ee43f295e7bc8d0dc6520512d007119973b4cbb4db0af26e3a", "type"=>"sha256"}, {"value"=>"wmic.exe", "type"=>"file_name"}, {"value"=>"raw.githubusercontent.com", "type"=>"domain"}, {"value"=>"https://raw.githubusercontent.com/mattifestation/PowerSploit/master/Exfiltration/Invoke-Mimikatz.ps", "type"=>"url"}], "type"=>"casebook", "short_description"=>"Generated using the API", "title"=>"API-generated Casebook", "tlp"=>"amber"}